QUOTE
13.1 The Customer shall:-
not use the Service for any unlawful purpose including without limitation for any criminal purposes;
not use the Service to send unsolicited electronic messages or any message which is obscene, threatening or offensive on moral, religious, racial or political grounds to any person including a company or a corporation;
not compromise or infect any systems with computer viruses or otherwise;
not infringe any intellectual property rights of TM, its related companies and subsidiaries or any third party;
not gain unauthorised access to any computer system connected to the Internet or any information regarded as private by any person including a company or corporation;
not share the Service with any person including a company or corporation without the prior written approval of TM and shall use the Service only for the purpose for which it is subscribed;
not resell or sublet the Service to any third parties without prior written consent from TM; and,
not use the Service in any manner, which in the opinion of TM may adversely affect the use of the Service by other Customers or efficiency or security as a whole.
not use the Service for any unlawful purpose including without limitation for any criminal purposes;
not use the Service to send unsolicited electronic messages or any message which is obscene, threatening or offensive on moral, religious, racial or political grounds to any person including a company or a corporation;
not compromise or infect any systems with computer viruses or otherwise;
not infringe any intellectual property rights of TM, its related companies and subsidiaries or any third party;
not gain unauthorised access to any computer system connected to the Internet or any information regarded as private by any person including a company or corporation;
not share the Service with any person including a company or corporation without the prior written approval of TM and shall use the Service only for the purpose for which it is subscribed;
not resell or sublet the Service to any third parties without prior written consent from TM; and,
not use the Service in any manner, which in the opinion of TM may adversely affect the use of the Service by other Customers or efficiency or security as a whole.
Probably why they put that up ;p
Okay, good job for TS as he found out this major security risk considering the number of IT grads and professionals these days are out there...
But posting this here is actually publicity to this loophole.
Only those who came to LYN would find out about this and if they are tech savvy enough, they will know how to get around it to minimize the exposure risk as much as possible.
But again, if someone with unholy intention stumbles upon this, it could mean disaster for those unaware and incapable to prevent it...
I would like to ask TS, now that you have found out and posted it to public, what is your next step? Will you report to relevant authorities?
Otherwise the purpose of this thread will be:
1. Publicize a major loophole in UniFi
2. Giving knowledgeable users the chance to avoid the risk, a really small amount of people in LYN.
3. Exposing a mass mount of UniFi-ers to exploits...
So, just be aware of that. I'm no IT expert with any qualification btw. TS, u're doing the right thing, salute! but there is still a loophole in what you are doing haha
This post has been edited by andrew9292: May 30 2010, 12:30 AM